Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
The popular live support tool phpLiveHelper is vulnerable to remote code execution due to an error in the way the tool processes URL parameters.
March 28, 2006
The popular live support tool phpLiveHelper is vulnerable to remote code execution due to an error in the way the tool processes URL parameters. By using a known URL parameter an intruder could cause their code of choice to be included into phpLiveHelper in realtime where that code would then run on the operator's system. An exploit could possibly open a port on a vulnerable system that would allow intruders to interact with the compromised system in variety of ways. No response from the vendor is known at this time
You May Also Like